trustcheck 1.0.0__tar.gz

trustcheck-1.0.0/LICENSE

@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2026, Halfblood-Prince
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

trustcheck-1.0.0/PKG-INFO

@@ -0,0 +1,76 @@
+Metadata-Version: 2.4
+Name: trustcheck
+Version: 1.0.0
+Summary: Package trust and provenance verification for PyPI consumers.
+License: BSD 3-Clause License
+Keywords: pypi,security,supply-chain,provenance,attestations
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Build Tools
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Dynamic: license-file
+
+# trustcheck
+
+`trustcheck` is a small Python package and CLI for checking PyPI package trust signals before installation.
+
+The immediate goal is pragmatic: answer questions like these in one local command:
+
+- Does this release expose PyPI provenance / attestation data?
+- Was it published through a Trusted Publisher flow?
+- Which repository URLs does the package claim?
+- Do those URLs match the repository I expected?
+- Are there known PyPI vulnerability records for the selected release?
+- Are there obvious risk flags worth reviewing before install?
+
+This MVP is intentionally conservative:
+
+- It fetches metadata from PyPI's JSON API and provenance objects from PyPI's Integrity API.
+- It surfaces publisher identity hints from provenance bundles when available.
+- It does not yet perform full cryptographic attestation verification. That should be added in a later release via Sigstore / `pypi-attestations` style verification.
+
+## Install
+
+```bash
+pip install -e .
+```
+
+## Usage
+
+```bash
+trustcheck inspect requests
+trustcheck inspect sampleproject --version 4.0.0
+trustcheck inspect sampleproject --expected-repo https://github.com/pypa/sampleproject
+trustcheck inspect sampleproject --format json
+```
+
+## What the report includes
+
+- Selected project and version
+- Declared project URLs and likely repository URLs
+- PyPI ownership metadata when exposed
+- Known vulnerabilities from PyPI
+- Distribution file hashes
+- Provenance / attestation availability per file
+- Trusted Publisher identity hints extracted from provenance bundles
+- Risk flags and an overall recommendation tier
+
+## Roadmap
+
+- Full cryptographic verification of PyPI attestations
+- Stronger repository canonicalization and source matching
+- Policy files for CI and org-level enforcement
+- Support for lockfiles and dependency trees
+- Offline caching and SBOM-style export
+

trustcheck-1.0.0/README.md

@@ -0,0 +1,53 @@
+# trustcheck
+
+`trustcheck` is a small Python package and CLI for checking PyPI package trust signals before installation.
+
+The immediate goal is pragmatic: answer questions like these in one local command:
+
+- Does this release expose PyPI provenance / attestation data?
+- Was it published through a Trusted Publisher flow?
+- Which repository URLs does the package claim?
+- Do those URLs match the repository I expected?
+- Are there known PyPI vulnerability records for the selected release?
+- Are there obvious risk flags worth reviewing before install?
+
+This MVP is intentionally conservative:
+
+- It fetches metadata from PyPI's JSON API and provenance objects from PyPI's Integrity API.
+- It surfaces publisher identity hints from provenance bundles when available.
+- It does not yet perform full cryptographic attestation verification. That should be added in a later release via Sigstore / `pypi-attestations` style verification.
+
+## Install
+
+```bash
+pip install -e .
+```
+
+## Usage
+
+```bash
+trustcheck inspect requests
+trustcheck inspect sampleproject --version 4.0.0
+trustcheck inspect sampleproject --expected-repo https://github.com/pypa/sampleproject
+trustcheck inspect sampleproject --format json
+```
+
+## What the report includes
+
+- Selected project and version
+- Declared project URLs and likely repository URLs
+- PyPI ownership metadata when exposed
+- Known vulnerabilities from PyPI
+- Distribution file hashes
+- Provenance / attestation availability per file
+- Trusted Publisher identity hints extracted from provenance bundles
+- Risk flags and an overall recommendation tier
+
+## Roadmap
+
+- Full cryptographic verification of PyPI attestations
+- Stronger repository canonicalization and source matching
+- Policy files for CI and org-level enforcement
+- Support for lockfiles and dependency trees
+- Offline caching and SBOM-style export
+

trustcheck-1.0.0/pyproject.toml

@@ -0,0 +1,36 @@
+[build-system]
+requires = ["setuptools>=68", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "trustcheck"
+version = "1.0.0"
+description = "Package trust and provenance verification for PyPI consumers."
+readme = "README.md"
+requires-python = ">=3.10"
+license = { text = "BSD 3-Clause License" }
+keywords = ["pypi", "security", "supply-chain", "provenance", "attestations"]
+classifiers = [
+  "Development Status :: 3 - Alpha",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: MIT License",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3 :: Only",
+  "Programming Language :: Python :: 3.10",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "Programming Language :: Python :: 3.13",
+  "Programming Language :: Python :: 3.14",
+  "Topic :: Security",
+  "Topic :: Software Development :: Build Tools",
+]
+
+[project.scripts]
+trustcheck = "trustcheck.cli:main"
+
+[tool.setuptools]
+package-dir = { "" = "src" }
+
+[tool.setuptools.packages.find]
+where = ["src"]
+

trustcheck-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

trustcheck-1.0.0/src/trustcheck/__init__.py

@@ -0,0 +1,7 @@
+"""trustcheck package."""
+
+from .models import TrustReport
+from .service import inspect_package
+
+__all__ = ["TrustReport", "inspect_package"]
+

trustcheck-1.0.0/src/trustcheck/__main__.py

@@ -0,0 +1,6 @@
+from .cli import main
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())
+

trustcheck-1.0.0/src/trustcheck/cli.py

@@ -0,0 +1,108 @@
+from __future__ import annotations
+
+import argparse
+import json
+from typing import Sequence
+
+from .service import inspect_package
+
+
+def build_parser() -> argparse.ArgumentParser:
+    parser = argparse.ArgumentParser(
+        prog="trustcheck",
+        description="Inspect PyPI package trust and provenance signals.",
+    )
+    subparsers = parser.add_subparsers(dest="command", required=True)
+
+    inspect_parser = subparsers.add_parser("inspect", help="Inspect a package on PyPI.")
+    inspect_parser.add_argument("project", help="Project name on PyPI.")
+    inspect_parser.add_argument("--version", help="Specific version to inspect.")
+    inspect_parser.add_argument(
+        "--expected-repo",
+        help="Repository URL you expect the package to come from.",
+    )
+    inspect_parser.add_argument(
+        "--format",
+        choices=("text", "json"),
+        default="text",
+        help="Output format.",
+    )
+    return parser
+
+
+def main(argv: Sequence[str] | None = None) -> int:
+    parser = build_parser()
+    args = parser.parse_args(argv)
+
+    if args.command == "inspect":
+        report = inspect_package(
+            args.project,
+            version=args.version,
+            expected_repository=args.expected_repo,
+        )
+        if args.format == "json":
+            print(json.dumps(report.to_dict(), indent=2, sort_keys=True))
+        else:
+            print(_render_text_report(report))
+        return 0
+
+    parser.error("unknown command")
+    return 2
+
+
+def _render_text_report(report) -> str:
+    lines: list[str] = [
+        f"trustcheck report for {report.project} {report.version}",
+        f"recommendation: {report.recommendation}",
+        f"package: {report.package_url}",
+    ]
+
+    if report.summary:
+        lines.append(f"summary: {report.summary}")
+
+    if report.repository_urls:
+        lines.append("repository urls:")
+        lines.extend(f"  - {url}" for url in report.repository_urls)
+
+    if report.expected_repository:
+        lines.append(f"expected repository: {report.expected_repository}")
+
+    ownership = report.ownership or {}
+    roles = ownership.get("roles") or []
+    organization = ownership.get("organization")
+    if organization or roles:
+        lines.append("ownership:")
+        if organization:
+            lines.append(f"  - organization: {organization}")
+        for role in roles:
+            lines.append(f"  - {role.get('role')}: {role.get('user')}")
+
+    if report.vulnerabilities:
+        lines.append("vulnerabilities:")
+        for vuln in report.vulnerabilities:
+            lines.append(f"  - {vuln.id}: {vuln.summary}")
+
+    lines.append("files:")
+    for file in report.files:
+        lines.append(f"  - {file.filename}")
+        lines.append(f"    provenance: {'yes' if file.has_provenance else 'no'}")
+        if file.sha256:
+            lines.append(f"    sha256: {file.sha256}")
+        if file.publisher_identities:
+            for identity in file.publisher_identities:
+                lines.append(
+                    f"    publisher: kind={identity.kind} repository={identity.repository or '-'} workflow={identity.workflow or '-'}"
+                )
+        if file.error:
+            lines.append(f"    note: {file.error}")
+
+    if report.risk_flags:
+        lines.append("risk flags:")
+        for flag in report.risk_flags:
+            lines.append(f"  - [{flag.severity}] {flag.code}: {flag.message}")
+    else:
+        lines.append("risk flags: none")
+
+    lines.append("note: provenance presence is a useful signal, but this MVP does not yet perform cryptographic attestation verification.")
+    return "\n".join(lines)
+

trustcheck-1.0.0/src/trustcheck/models.py

@@ -0,0 +1,60 @@
+from __future__ import annotations
+
+from dataclasses import asdict, dataclass, field
+from typing import Any
+
+
+@dataclass(slots=True)
+class RiskFlag:
+    code: str
+    severity: str
+    message: str
+
+
+@dataclass(slots=True)
+class VulnerabilityRecord:
+    id: str
+    summary: str
+    aliases: list[str] = field(default_factory=list)
+    source: str | None = None
+    fixed_in: list[str] = field(default_factory=list)
+    link: str | None = None
+
+
+@dataclass(slots=True)
+class PublisherIdentity:
+    kind: str
+    repository: str | None
+    workflow: str | None
+    environment: str | None
+    raw: dict[str, Any] = field(default_factory=dict)
+
+
+@dataclass(slots=True)
+class FileProvenance:
+    filename: str
+    url: str
+    sha256: str | None
+    has_provenance: bool
+    attestation_count: int = 0
+    publisher_identities: list[PublisherIdentity] = field(default_factory=list)
+    error: str | None = None
+
+
+@dataclass(slots=True)
+class TrustReport:
+    project: str
+    version: str
+    summary: str | None
+    package_url: str
+    repository_urls: list[str] = field(default_factory=list)
+    expected_repository: str | None = None
+    ownership: dict[str, Any] = field(default_factory=dict)
+    vulnerabilities: list[VulnerabilityRecord] = field(default_factory=list)
+    files: list[FileProvenance] = field(default_factory=list)
+    risk_flags: list[RiskFlag] = field(default_factory=list)
+    recommendation: str = "review"
+
+    def to_dict(self) -> dict[str, Any]:
+        return asdict(self)
+

trustcheck-1.0.0/src/trustcheck/pypi.py

@@ -0,0 +1,51 @@
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass
+from typing import Any
+from urllib import error, parse, request
+
+
+PYPI_BASE_URL = "https://pypi.org"
+JSON_ACCEPT = "application/json"
+INTEGRITY_ACCEPT = "application/vnd.pypi.integrity.v1+json"
+
+
+class PypiClientError(RuntimeError):
+    """Raised when PyPI cannot satisfy a request."""
+
+
+@dataclass(slots=True)
+class PypiClient:
+    base_url: str = PYPI_BASE_URL
+    timeout: float = 10.0
+
+    def get_project(self, project: str) -> dict[str, Any]:
+        return self._get_json(f"/pypi/{parse.quote(project)}/json", accept=JSON_ACCEPT)
+
+    def get_release(self, project: str, version: str) -> dict[str, Any]:
+        project_q = parse.quote(project)
+        version_q = parse.quote(version)
+        return self._get_json(f"/pypi/{project_q}/{version_q}/json", accept=JSON_ACCEPT)
+
+    def get_provenance(self, project: str, version: str, filename: str) -> dict[str, Any]:
+        project_q = parse.quote(project)
+        version_q = parse.quote(version)
+        filename_q = parse.quote(filename)
+        path = f"/integrity/{project_q}/{version_q}/{filename_q}/provenance"
+        return self._get_json(path, accept=INTEGRITY_ACCEPT)
+
+    def _get_json(self, path: str, *, accept: str) -> dict[str, Any]:
+        url = f"{self.base_url}{path}"
+        req = request.Request(url, headers={"Accept": accept, "User-Agent": "trustcheck/0.1"})
+
+        try:
+            with request.urlopen(req, timeout=self.timeout) as response:
+                return json.load(response)
+        except error.HTTPError as exc:
+            if exc.code == 404:
+                raise PypiClientError(f"resource not found: {url}") from exc
+            raise PypiClientError(f"PyPI returned HTTP {exc.code} for {url}") from exc
+        except error.URLError as exc:
+            raise PypiClientError(f"unable to reach PyPI: {exc.reason}") from exc
+

trustcheck-1.0.0/src/trustcheck/service.py

@@ -0,0 +1,239 @@
+from __future__ import annotations
+
+from typing import Any
+from urllib.parse import urlparse
+
+from .models import FileProvenance, PublisherIdentity, RiskFlag, TrustReport, VulnerabilityRecord
+from .pypi import PypiClient, PypiClientError
+
+
+def inspect_package(
+    project: str,
+    *,
+    version: str | None = None,
+    expected_repository: str | None = None,
+    client: PypiClient | None = None,
+) -> TrustReport:
+    client = client or PypiClient()
+
+    payload = client.get_release(project, version) if version else client.get_project(project)
+    info = payload.get("info", {})
+    selected_version = payload.get("info", {}).get("version") or version or "unknown"
+    project_urls = _extract_repository_urls(info.get("project_urls") or {})
+    vulnerabilities = _parse_vulnerabilities(payload.get("vulnerabilities") or [])
+    ownership = info.get("ownership") or {}
+    files = _collect_files(project, selected_version, payload, client)
+
+    report = TrustReport(
+        project=project,
+        version=selected_version,
+        summary=info.get("summary"),
+        package_url=f"https://pypi.org/project/{project}/{selected_version}/",
+        repository_urls=project_urls,
+        expected_repository=expected_repository,
+        ownership=ownership,
+        vulnerabilities=vulnerabilities,
+        files=files,
+    )
+    report.risk_flags = _build_risk_flags(report)
+    report.recommendation = _recommendation_for(report.risk_flags)
+    return report
+
+
+def _collect_files(
+    project: str,
+    version: str,
+    payload: dict[str, Any],
+    client: PypiClient,
+) -> list[FileProvenance]:
+    urls = payload.get("urls") or []
+    results: list[FileProvenance] = []
+
+    for item in urls:
+        filename = item.get("filename") or ""
+        provenance = FileProvenance(
+            filename=filename,
+            url=item.get("url") or "",
+            sha256=(item.get("digests") or {}).get("sha256"),
+            has_provenance=False,
+        )
+        try:
+            prov_payload = client.get_provenance(project, version, filename)
+            bundles = prov_payload.get("attestation_bundles") or []
+            provenance.has_provenance = bool(bundles)
+            provenance.attestation_count = sum(
+                len(bundle.get("attestations") or [])
+                for bundle in bundles
+                if isinstance(bundle, dict)
+            )
+            provenance.publisher_identities = _parse_publisher_identities(bundles)
+        except PypiClientError as exc:
+            provenance.error = str(exc)
+        results.append(provenance)
+    return results
+
+
+def _parse_vulnerabilities(items: list[dict[str, Any]]) -> list[VulnerabilityRecord]:
+    vulnerabilities: list[VulnerabilityRecord] = []
+    for item in items:
+        vulnerabilities.append(
+            VulnerabilityRecord(
+                id=item.get("id") or "unknown",
+                summary=item.get("summary") or item.get("details") or "No summary provided.",
+                aliases=list(item.get("aliases") or []),
+                source=item.get("source"),
+                fixed_in=list(item.get("fixed_in") or []),
+                link=item.get("link"),
+            )
+        )
+    return vulnerabilities
+
+
+def _extract_repository_urls(project_urls: dict[str, str]) -> list[str]:
+    repo_urls: list[str] = []
+    preferred_labels = ("source", "source code", "repository", "repo", "homepage", "home")
+
+    for label, url in project_urls.items():
+        label_norm = label.strip().lower()
+        if any(token in label_norm for token in preferred_labels):
+            repo_urls.append(url)
+
+    if not repo_urls:
+        repo_urls.extend(project_urls.values())
+
+    deduped: list[str] = []
+    seen: set[str] = set()
+    for url in repo_urls:
+        normalized = _normalize_repo_url(url)
+        if normalized not in seen:
+            deduped.append(url)
+            seen.add(normalized)
+    return deduped
+
+
+def _parse_publisher_identities(bundles: list[dict[str, Any]]) -> list[PublisherIdentity]:
+    identities: list[PublisherIdentity] = []
+
+    for bundle in bundles:
+        publisher = bundle.get("publisher") or bundle.get("verification_material", {}).get("publisher")
+        if not isinstance(publisher, dict):
+            continue
+
+        kind = str(publisher.get("kind") or publisher.get("issuer") or "unknown")
+        repository = (
+            publisher.get("repository")
+            or publisher.get("repository_url")
+            or publisher.get("repo")
+            or publisher.get("sub")
+        )
+        workflow = (
+            publisher.get("workflow")
+            or publisher.get("workflow_ref")
+            or publisher.get("job_workflow_ref")
+        )
+        environment = publisher.get("environment")
+        identities.append(
+            PublisherIdentity(
+                kind=kind,
+                repository=repository,
+                workflow=workflow,
+                environment=environment,
+                raw=publisher,
+            )
+        )
+    return identities
+
+
+def _build_risk_flags(report: TrustReport) -> list[RiskFlag]:
+    flags: list[RiskFlag] = []
+
+    if report.vulnerabilities:
+        flags.append(
+            RiskFlag(
+                code="known_vulnerabilities",
+                severity="high",
+                message=f"PyPI reports {len(report.vulnerabilities)} known vulnerability record(s) for this release.",
+            )
+        )
+
+    if not report.repository_urls:
+        flags.append(
+            RiskFlag(
+                code="missing_repository_url",
+                severity="medium",
+                message="The package does not expose an obvious repository URL in project metadata.",
+            )
+        )
+
+    if report.expected_repository:
+        expected = _normalize_repo_url(report.expected_repository)
+        repo_matches = any(_normalize_repo_url(url) == expected for url in report.repository_urls)
+        publisher_matches = any(
+            _normalize_repo_url(identity.repository) == expected
+            for file in report.files
+            for identity in file.publisher_identities
+            if identity.repository
+        )
+        if not repo_matches and not publisher_matches:
+            flags.append(
+                RiskFlag(
+                    code="expected_repository_mismatch",
+                    severity="high",
+                    message="The expected repository does not match declared project metadata or observed publisher identity hints.",
+                )
+            )
+
+    if report.files and all(not file.has_provenance for file in report.files):
+        flags.append(
+            RiskFlag(
+                code="no_provenance",
+                severity="medium",
+                message="No provenance bundles were found for the release files on PyPI.",
+            )
+        )
+
+    if any(file.error for file in report.files) and not any(file.has_provenance for file in report.files):
+        flags.append(
+            RiskFlag(
+                code="provenance_lookup_failed",
+                severity="low",
+                message="PyPI provenance lookups failed for one or more files, so attestation coverage may be incomplete.",
+            )
+        )
+
+    if report.files and not any(file.publisher_identities for file in report.files):
+        flags.append(
+            RiskFlag(
+                code="missing_publisher_identity",
+                severity="medium",
+                message="No Trusted Publisher identity hints were recovered from the provenance bundles.",
+            )
+        )
+
+    return flags
+
+
+def _recommendation_for(flags: list[RiskFlag]) -> str:
+    if any(flag.severity == "high" for flag in flags):
+        return "do-not-trust-without-review"
+    if any(flag.severity == "medium" for flag in flags):
+        return "review"
+    return "looks-good"
+
+
+def _normalize_repo_url(url: str | None) -> str:
+    if not url:
+        return ""
+
+    parsed = urlparse(url)
+    scheme = parsed.scheme.lower() or "https"
+    netloc = parsed.netloc.lower()
+    path = parsed.path.rstrip("/")
+
+    if netloc.endswith("github.com") or netloc.endswith("gitlab.com"):
+        path = path.removesuffix(".git")
+        segments = [segment for segment in path.split("/") if segment]
+        path = "/" + "/".join(segments[:2])
+
+    normalized = parsed._replace(scheme=scheme, netloc=netloc, path=path, params="", query="", fragment="")
+    return normalized.geturl()

trustcheck-1.0.0/src/trustcheck.egg-info/PKG-INFO

@@ -0,0 +1,76 @@
+Metadata-Version: 2.4
+Name: trustcheck
+Version: 1.0.0
+Summary: Package trust and provenance verification for PyPI consumers.
+License: BSD 3-Clause License
+Keywords: pypi,security,supply-chain,provenance,attestations
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Build Tools
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Dynamic: license-file
+
+# trustcheck
+
+`trustcheck` is a small Python package and CLI for checking PyPI package trust signals before installation.
+
+The immediate goal is pragmatic: answer questions like these in one local command:
+
+- Does this release expose PyPI provenance / attestation data?
+- Was it published through a Trusted Publisher flow?
+- Which repository URLs does the package claim?
+- Do those URLs match the repository I expected?
+- Are there known PyPI vulnerability records for the selected release?
+- Are there obvious risk flags worth reviewing before install?
+
+This MVP is intentionally conservative:
+
+- It fetches metadata from PyPI's JSON API and provenance objects from PyPI's Integrity API.
+- It surfaces publisher identity hints from provenance bundles when available.
+- It does not yet perform full cryptographic attestation verification. That should be added in a later release via Sigstore / `pypi-attestations` style verification.
+
+## Install
+
+```bash
+pip install -e .
+```
+
+## Usage
+
+```bash
+trustcheck inspect requests
+trustcheck inspect sampleproject --version 4.0.0
+trustcheck inspect sampleproject --expected-repo https://github.com/pypa/sampleproject
+trustcheck inspect sampleproject --format json
+```
+
+## What the report includes
+
+- Selected project and version
+- Declared project URLs and likely repository URLs
+- PyPI ownership metadata when exposed
+- Known vulnerabilities from PyPI
+- Distribution file hashes
+- Provenance / attestation availability per file
+- Trusted Publisher identity hints extracted from provenance bundles
+- Risk flags and an overall recommendation tier
+
+## Roadmap
+
+- Full cryptographic verification of PyPI attestations
+- Stronger repository canonicalization and source matching
+- Policy files for CI and org-level enforcement
+- Support for lockfiles and dependency trees
+- Offline caching and SBOM-style export
+

trustcheck-1.0.0/src/trustcheck.egg-info/SOURCES.txt

@@ -0,0 +1,15 @@
+LICENSE
+README.md
+pyproject.toml
+src/trustcheck/__init__.py
+src/trustcheck/__main__.py
+src/trustcheck/cli.py
+src/trustcheck/models.py
+src/trustcheck/pypi.py
+src/trustcheck/service.py
+src/trustcheck.egg-info/PKG-INFO
+src/trustcheck.egg-info/SOURCES.txt
+src/trustcheck.egg-info/dependency_links.txt
+src/trustcheck.egg-info/entry_points.txt
+src/trustcheck.egg-info/top_level.txt
+tests/test_service.py

trustcheck-1.0.0/src/trustcheck.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

trustcheck-1.0.0/src/trustcheck.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+trustcheck = trustcheck.cli:main

trustcheck-1.0.0/src/trustcheck.egg-info/top_level.txt

@@ -0,0 +1 @@
+trustcheck

trustcheck-1.0.0/tests/test_service.py

@@ -0,0 +1,85 @@
+from trustcheck.pypi import PypiClientError
+from trustcheck.service import inspect_package
+import unittest
+
+
+class FakeClient:
+    def get_project(self, project):
+        assert project == "demo"
+        return {
+            "info": {
+                "version": "1.2.3",
+                "summary": "Demo package",
+                "project_urls": {
+                    "Homepage": "https://github.com/example/demo",
+                    "Documentation": "https://docs.example.com/demo",
+                },
+                "ownership": {
+                    "organization": "example-org",
+                    "roles": [{"role": "Owner", "user": "alice"}],
+                },
+            },
+            "urls": [
+                {
+                    "filename": "demo-1.2.3-py3-none-any.whl",
+                    "url": "https://files.pythonhosted.org/packages/demo.whl",
+                    "digests": {"sha256": "abc123"},
+                }
+            ],
+            "vulnerabilities": [],
+        }
+
+    def get_release(self, project, version):
+        raise AssertionError("not expected in this test")
+
+    def get_provenance(self, project, version, filename):
+        return {
+            "attestation_bundles": [
+                {
+                    "publisher": {
+                        "kind": "GitHub Actions",
+                        "repository": "https://github.com/example/demo",
+                        "workflow": "release.yml",
+                    },
+                    "attestations": [{"kind": "publish"}],
+                }
+            ]
+        }
+
+
+class NoProvClient(FakeClient):
+    def get_provenance(self, project, version, filename):
+        raise PypiClientError("resource not found")
+
+
+class InspectPackageTests(unittest.TestCase):
+    def test_inspect_package_happy_path(self):
+        report = inspect_package(
+            "demo",
+            expected_repository="https://github.com/example/demo",
+            client=FakeClient(),
+        )
+
+        self.assertEqual(report.project, "demo")
+        self.assertEqual(report.version, "1.2.3")
+        self.assertEqual(report.recommendation, "looks-good")
+        self.assertEqual(report.repository_urls, ["https://github.com/example/demo"])
+        self.assertTrue(report.files[0].has_provenance)
+        self.assertEqual(
+            report.files[0].publisher_identities[0].repository,
+            "https://github.com/example/demo",
+        )
+        self.assertEqual(report.risk_flags, [])
+
+    def test_inspect_package_flags_missing_provenance_and_repo_mismatch(self):
+        report = inspect_package(
+            "demo",
+            expected_repository="https://github.com/example/other",
+            client=NoProvClient(),
+        )
+
+        flag_codes = {flag.code for flag in report.risk_flags}
+        self.assertIn("expected_repository_mismatch", flag_codes)
+        self.assertIn("no_provenance", flag_codes)
+        self.assertIn("provenance_lookup_failed", flag_codes)
+        self.assertEqual(report.recommendation, "do-not-trust-without-review")